History
- Priority
- must
- Nov 2018
- Removed
- Removed due to duplication of intent of security control 0041.
- 2017
- A set of policies and procedures covering user identification, authentication and authorisationmust be developed and maintained, as well as communicated to and understood by users.
- 2015
- A set of policies and procedures covering user identification, authentication and authorisationmust be developed and maintained, as well as communicated to and understood by users.
- 2010
- Agencies must:• develop and maintain a set of policies and procedures covering system users’:– identification– authentication– authorisation• make their system users aware of the policies and procedures.
- 2008
- Agencies must: a. develop and maintain a set of policies, plans and procedures, derived from a risk assessment, covering system users’: 1) identification 2) authentication 3) authorisation b. make their system users aware of the agency’s policies, plans and procedures.